Installing the Cisco Duo Authentication Proxy (CDAP)
The next stage is to install the Cisco Duo Authentication Proxy, also referred to as CDAP.
The CDAP product is available as a Jetpack, a containerized application developed by Edgenexus in collaboration with Cisco. The CDAP Jetpack installs directly into the ADC using the Dockers container technology.
1. Log into the ADC using administrator credentials.
2. First, we will navigate to the App Store and download the Cisco Duo Authentication Proxy app. We will assume that you have created your App Store account (https://appstore.edgenexus.io) and associated this with your ADC.
3. Navigate to Services > App store
4. Click on the Applications icon and click on the Duo application icon
5. The application is free, and you can click the Sign Up Now button. This action will add the application to the shopping cart, as shown below.
6. Click checkout, and the CDAP app will appear in your purchased items within the Services > App Store section.
7. Click the Download button to download the App to the ADC appliance.
8. Once downloaded, the App will then appear in the Downloaded Apps section on the same page.
9. Now click on the Deploy button to deploy it into a container, ready for configuration.
10. Navigate to Library > Add-Ons once the deployment process is complete.
11. You will now need to fill in the details highlighted using the table below the image.
Field
|
Data
|
Container Name
|
A name you will give for the CDAP application. The name you provide will be referenced later within the flightPATH rules you will create for Duo to work.
|
External IP
|
The external IP value can be anything within the subnet in which the ADC sits.
|
External Ports
|
The value to be entered here is: as follows:
389/TCP, 1812/UDP, 8812/TCP
LDAP uses 389/TCP, Radius uses 1812/UDP, and the Cisco Duo Authentication Proxy (CDAP) uses 8812/TCP.
|
12. Click the PLAY or START button to activate the CDAP App. The screen should show something similar to the image below.
13. Click the Add-On GUI button.
14. The first time you visit the CDAP App's user interface, you will be asked to create the admin password for the App.